Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1133
  • Last Modified:

Schema is different on DCs

I just installed Exchange 2003 on a Windows 2003 member server within a mixed 2000 domain.
note: I performed the forestprep and domainprep on same member server...i know i know:)

After installation I noticed some errors and warnings in the Directory Service log of all DC's

Dominant operations master(Windows 2000 server): - 20 or so for each identifier
Event ID 1153
Class identifier 713196372 (class name msExchProtocolCfgIMAPPolicy) has an invalid superclass 196692.  Inheritance ignored.

Other windows 2003 DC's: - 30 or so for each identifier
Internal event: The following schema class has a superclass that is not valid.
Class identifier:
Class name:
Superclass identifier:
Inheritance was ignored.

NOTE: the schema master is different from the operations master. and its registry entry for 'Allow Schema Update' is disabled?

Now after the Exchange installation, only the proper tabs for Exchange features exist on the member server.  No other DC's contain the Exchange tabs.  And another thing when I try to Add/remove columns in dsa.msc on WIN2K3 DC's no addtional colums are listed.  Only WIN2K DC's have the all listings in Add/remove columns.

I have a feeling its a schema problem, but I may be missing something.  And if it is a schema problem how do i replicate it to the entire domain(win2k and win2k3 server)

  • 2
3 Solutions
Don know if this helps or not but interesting nevertheless http://blog.joeware.net/2006/10/03/655/
If those errors took place immediately after you ran forestprep/domainprep, they can be safely ignored as it's just a matter of schema changes taking time to replicate to your DCs.

> "No other DC's contain the Exchange tabs"

The Exchange tabs will not be visible on any machine on which you haven't installed the Exchange System Manager - you can verify that the attributes have replicated by viewing a user object using LDP or ADFIND from the command line, or the ADSI Edit GUI from the Support Tools.
vihunterAuthor Commented:
I normally wouldn't mind especially when i checked support.microsoft.com and they said to safely ignore errors.  But the issue is, I've recently taken over this domain, do I'm not sure if this existed before the exchange install or not:  In the Active directory snap-in, when i choose view>add/remove columns; I cant add any more columns, the left column is blank on Win2K3 DCs.  Actually if I try that same process at the domain root (and any non-OU container) the labels are there.
On WIn2K servers everything shows fine, all the labels for add/remove are in the left column.

And as far as Exchange, when I launch Outlook and the global address list comes up; within the e-mail address field it appears as is:  /o-domain.name/ou=first administrative group/cn=recipients/cn=username

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now